RiskWatch for Financial Institutions™ creates a comprehensive compliance risk assessment (the required self-assessment) to match the FFIEC guidelines: IT, FFIEC, Information Technology (IT) Examination Handbook, RED FLAG, GLBA and more. The software includes the risk assessment compliance template, including role-based compliance questions, directly based on requirements, as well as web-based survey programs, and a complete written report, augmented by working papers that explain how each element was generated.
FINISH YOUR RED FLAG ASSESSMENT with Easy to Use, Affordable Software. It includes complete assessment versions for GLBA (Gramm Leach Bliley), the Red Flag Identity Theft Standard and Bank Secrecy Act (BSA) assessment standards. Sarbanes Oxley (SOX) is also available upon request. Web-based or server-based online questionnaires make it easy to gather role-based data, and generate management reports with working papers and complete audit trails.
The only fully standardized way to meet the new Red Flag and risk assessment requirements, RiskWatch for Financial Institutions is used by banks, insurance companies, trusts and savings banks other technical service providers such as payment processors.
16. From the Gartner Group Report “ RiskWatch, Inc., is positioned as the leading "rescuer" of a massive private and public market constrained by fear of loss in terms of dollars and human life. Its unique form of rescue is in its before-the-fact nature. The RiskWatch tools credibly guide the users through a process to qualify its security situation concerning threats, assets, potential loss, vulnerabilities, and safeguards. The client has the opportunity to establish its own image and foundation of security through RiskWatch's regulatory and quality compliance and accreditation tools and functions . Through its quantitative methods and automated functions, RiskWatch arms the analysts and decision-makers with a solid risk management analysis based on the ALE balanced with the ROI. Once the client establishes the security policies—the plan is deployed and its life cycle managed within the framework of RiskWatch. RiskWatch brings financially realized value to the client and the management vehicle and standards to follow”.
20. RISKWATCH ® Risk Assessment Process Automated Survey Management Process Management Data Aggregation & Analysis Content (Rules & Data) Risk Analysis Customization Reporting Respondents Analyst(s)
21. ELEMENTS OF A METRICS-BASED RISK ASSESSMENT APPROACH ASSETS THREATS VULNERABILITIES LOSSES SAFEGUARDS
22. Data Aggregation & Analysis Financial Data Software Automatically Analyses Over 3 Million Linking Relationships Risk = Asset Loss Threat Vulnerability Loss Delays & Denials Fines Disclosure Modification Direct Loss Asset Applications Database Financial Data Hardware System Software Threat Disclosure Hackers Fraud Viruses Network Attack Loss of Data Embezzlement Vulnerability Acceptable Use Disaster Recovery Authentication Network Controls No Security Plan Accountability Privacy Access Control Fines Disclosure Modification Fraud Loss of Data Acceptable Use Authentication Privacy Access Control